Former Australian Spy Boss: Listed Companies Need To Think About Disclosing IT Attacks

The former head of the ASD has warned listed companies they need to consider disclosing cyber attacks (Photo: Getty)

Ian McKenzie was one of Australia’s top spies until he resigned in November last year.

As head of the Australian Signals Directorate, the country’s electronic espionage agency, he was in charge of preventing electronic attacks, as well as using technology to gather information for Australia.

In an interview with The Australian Financial Review, McKenzie has outlined some tips for corporate Australia, with companies more at risk than ever from technology-driven attacks. This is especially important for listed Australian businesses, faced with continuous disclosure rules.

“You’re the CEO of a large company and you’re advised that the core of your network has been hacked by either a foreign government or organised crime, and that they have your IT administrator privileges.

“This nasty actor has broad control of your network. And you are a company that provides services to other firms. But you don’t know exactly what they have done. What do you do? Do you tell your customers? Do you tell the ASX? It is not clear what the answers are. This is unchartered ­territory.”

In the article, McKenzie outlines some tips for bosses faced with the relatively new risks posed by cyber crime, and modern corporate espionage.

He says they need to understand what their most valuable information is, and how it is protected, and then implement some cyber safeguards. Interestingly though, he also says an outsider should check the system.

“Internal IT providers, or external suppliers, often cannot see the problems, or don’t want to admit shortcomings, and, in a connected world they can be a weak link in your information security.

“The issue of data security needs ongoing attention – it should be a regular agenda item on management committees and sensible component of any risk management process in a modern company.”

Meanwhile, McKenzie also mentioned the department he headed for six years at times needed to react to incidents in government networks triggered by a “disgruntled employee”.

There’s more here.

Business Insider Emails & Alerts

Site highlights each day to your inbox.

Follow Business Insider Australia on Facebook, Twitter, LinkedIn, and Instagram.